Summer Camp Management Software
Senior Cybersecurity Engineer
Location
United States
Posted
10 hours ago
Salary
$180K - $198K / year
Seniority
Senior
Job Description
Senior Cybersecurity Engineer
CampMinder
Role Description This role’s mission & overview: Camps trust Campminder to keep their data safe, and that trust is what lets them focus on running a great summer. You'll own how we protect that data end to end: - Architecting and hardening our security infrastructure - Carrying our PCI and SOC2 programs through every audit - Setting the roadmap that keeps us ahead of real threats - Being the person the engineering org comes to on security - Defining what good looks like at Campminder As a Senior Cybersecurity Engineer on our Engineering team, you will: - Manage identity and access infrastructure, including Azure conditional access, Okta SSO, and Auth0, keeping MFA and zero-trust enforced across production and internal apps - Integrate security scanning (SAST, DAST, SCA) into CI/CD pipelines and drive remediation before code reaches production - Configure, tune, and harden WAF rules across our web applications - Own vulnerability scanning and remediation using tools like Mondoo and SecurityMetrics, and administer EDR, DLP, and SIEM/XDR tooling across servers and endpoints - Manage secrets and credentials in build pipelines, including vault-based storage, rotation, and least-privilege service accounts - Execute PCI technical controls: SAQ completion, quarterly ASV scans, and disaster recovery implementation - Harden containerized and cloud-native environments, including image scanning and Kubernetes configuration - Coordinate pen testing engagements and drive remediation against SLA timelines - Run security awareness training programs (KnowBe4, Security Journey) and maintain AI usage oversight, including approved tooling, code-gen governance, and supply-chain monitoring Qualifications - 5+ years in security engineering or DevSecOps, with hands-on ownership of both pipeline-level and infrastructure-level security - Experience configuring IAM and SSO platforms (Okta, Auth0) alongside cloud-native identity controls like Azure conditional access - Comfort embedding security directly into CI/CD workflows: SAST/DAST/SCA tooling, secrets management, and policy-as-code - A track record hardening containerized and cloud-native environments, including Kubernetes and image scanning - Experience executing PCI or similar compliance technical controls (scans, SAQs, evidence prep); program ownership isn't required, but you know how to translate auditor requirements into engineering work - Familiarity administering SIEM/XDR and EDR/DLP tooling - The judgment to triage real vulnerabilities over theoretical ones, and to know when to escalate versus fix directly - Experience running or supporting security awareness and training programs - Exposure to AI tooling governance, such as MCP inventories, code-gen release gating, or supply-chain monitoring for AI-assisted development Benefits - Robust medical, dental, and vision coverage options with generous employer contributions, plus a $500 employer HSA contribution for HSA-compatible plans - Ability to choose where you work - remotely, in the office, or a mix! - A variety of resources to support mental health and emotional well-being - 12 weeks of 100% paid parental leave for all new parents, including via adoption, surrogacy, and foster care - 401(k) with 4% company matching - Trust-Based (flexible) PTO (and yes, we use it!) - $900/year wellness allowance - Company-paid subscriptions, training, and support for using AI professionally and personally Company Description We know the best people can choose to work anywhere. Here’s a few reasons why 100+ of them choose Campminder: - With 20+ years experience of serving the industry through its digital transformation, we’re stable, profitable, and have developed a loyal customer base (that continues to grow). - We build software for summer camps, an industry that enables meaningful experiences for kids. - We work on interesting, ambitious projects that create real value for our clients. - We know our team members feel their work has an impact on the organization’s purpose. - We are genuinely committed to work/life balance. - We invest in emerging technology and cutting-edge leadership and are proud to take an "AI-Enabled" approach in our solutions. - We’ve been listed on Outside Magazine’s 50 Best Places to Work for 8 consecutive years for our values-led culture and employee experience.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Pre-sales - assist in qualifying sales leads from a technical standpoint. • Sales calls - be the main technical resource on sales calls and answer/ educate the customer on issues ranging from features, specifications and functionality to integration. • Conversant with networking applications and solutions. • Experience with virtualization, NFV and emerging SDN technologies • Post-sales - be the lead technical contact for identified accounts for technical issues and will work closely with the technical support team and engineering to answer, elevate and resolve customers technical issues. • Provide assistance to identified customers with post-sales training. • Regularly interface, provides presales support and assist in training Fortinet Channel partners in your region. • Presenting at events, seminars, customer and partner meetings • Flexible to travel. Travel will primarily be within the SEs designated region, but may also include occasional travel to other regions.
• Extensive experience in pre-sales designing and proposing secure platform solutions • Building technical security solutions, proving their viability and providing technological justifications • Design complete network, cloud and security solutions providing strong technical roadmaps • Identify technical opportunities within the field to increase pipeline growth and team prosperity • Leading proof of concept valuations, technical workshops and events • Collaborate with Account Manager to answer/ educate the customer on issues • Strategizing about future services or capabilities customers may require within your account base • Support your customer through issue resolution by collaborating with TAC and other technical resources • Build technical business relationships with key customers and partners • Regularly interface, providing technology enablement in your region • Mentor others with your expertise while collaborating with a team of industry experts
Role Description ¡Prepárate para vivir una nueva etapa con Periferia IT Group! Si tienes experiencia como Cloud Security Engineer y quieres generar un impacto en el mundo tecnológico, esta es tu oportunidad para unirte a nuestro equipo. Trabajarás con más de 1,000 profesionales en una multinacional colombiana líder en el sector TI, con fuerte presencia en América Latina y Estados Unidos. ¡Impulsa tu carrera con nosotros y haz crecer tu potencial! - Únete a nuestra cultura Periferia enfocada al servicio y la innovación, donde cada idea cuenta para superar las expectativas de nuestros clientes. - Sumérgete en un entorno laboral dinámico que fomenta el aprendizaje continuo y el desarrollo personal. - Participa en proyectos desafiantes donde podrás aplicar tus conocimientos y habilidades para generar un impacto real. - Disfruta de un equilibrio entre tu vida personal y laboral, mientras promovemos el bienestar integral de todos nuestros colaboradores. Qualifications - Ser PROFESIONAL en Ingeniería de Sistemas o carreras afines. - Contar con experiencia superior a 3 años en ciberseguridad, seguridad de aplicaciones y protección de APIs y microservicios. - Dominar en un nivel ALTO API Gateway OCELOT, hardening de infraestructura, OWASP, CIS, autenticación, autorización, TLS y gestión de vulnerabilidades. - Contar con conocimientos en seguridad de redes, segmentación, firewalls, gestión de secretos, logging, monitoreo de seguridad y arquitecturas de microservicios on-premise. - Tener la capacidad de adaptarse a nuevas tecnologías y enfoques innovadores para maximizar su impacto. Requirements - Ejecutar diagnósticos de seguridad sobre API Gateway OCELOT y microservicios, identificando vulnerabilidades y oportunidades de mejora. - Diseñar e implementar controles de seguridad, incluyendo hardening, autenticación, autorización, cifrado TLS y protección de la infraestructura de red. - Implementar mecanismos de monitoreo, gestión de secretos, logging y documentación técnica, asegurando la continuidad operativa y la transferencia de conocimiento al cliente. - Coordinar actividades con los equipos de Desarrollo, DevOps, Infraestructura y Redes, gestionando riesgos y asegurando el cumplimiento de las mejores prácticas de ciberseguridad. Benefits - Trabajo remoto en Colombia. - Contrato por prestación de servicios. - Salario a convenir según experiencia y habilidades. - Beneficios a la carta para tu bienestar y estilo de vida.
• Own the strategic direction and roadmap for Confluent's access management program • Lead the program to enforce service-to-service authentication • Formalize non-human identity from pilot into a funded, governed program • Own the Access Management Standard and policies for least privilege • Define and track program OKRs and articulate risk posture to leadership • Drive cross-functional delivery with engineering and platform teams • Ensure the access management program integrates with adjacent GRC domains


